In modern vehicles, locking of the vehicle, activating the alarm and also other functions of the vehicle are controlled by a remote device.
The physical layer relay attack that is known to be used on existing key-less entry and start solutions is very hard to prevent as it is independent of communication protocols, authentication, and encryption.
In a typical relay attack, communication with both parties is initiated by the attacker who then merely relays messages between the two parties without manipulating them or even necessarily reading them.
By using position data to estimate motion of the smart phone, and then comparing this with the motion estimated by the smart phone by data from its motion sensors, it would become necessary for the attackers to also synchronize the motion of the “fake” smart phone in proximity of the car with the motion of the remote “original” smart phone. This should make the attacker process significantly more complex, and difficult to carry out in a unobtrusive way.
WO2016/202592 describes one such method using an authentication element where access to the vehicle is based on a location and movement of the authentication element. Such movement is difficult to replicate by a third party attempting a physical layer relay attack, and the vehicle security is thereby improved.
However, as mentioned in WO2016/202592, using the motion sensor data requires that the velocity of the authentication element in the first position measurement is known, which is not so easily obtained. Another well-known positioning method for electronic devices is to use a GPS device. However, for many applications, the accuracy of a GPS device may not be sufficient. Moreover, there are circumstances where a GPS device cannot be used due to a lack of reception, such as in a parking garage and in dense city environments.
Accordingly, it is desirable to provide improved solutions for preventing physical layer relay attacks.